Slashdot Mirror


A Look at BSD Rootkits

blackbearnh writes "Windows has a reputation for being easily exploited by rootkits, but just because you're using Linux or BSD doesn't mean you're safe from infection. In an interview on O'Reilly's ONLamp site, Joseph Kong (author of Designing BSD Rootkits) talks about how to build and defend against rootkits under BSD. 'I know a lot of people who refer to rootkits and rootkit detectors as being in a big game of cat and mouse. However, it's really more like follow the leader, with rootkit authors always being the leader. Kind of grim, but that's really how it is. Until someone reveals how a specific (or certain class of) rootkit works, nobody thinks about protecting that part of the system. And when they do, the rootkit authors just find a way around it. This is what I meant earlier when I said rootkit hunting is hard, as you really have to validate the integrity of the entire system.'"

1 of 98 comments

  1. GNU is the problem, not Linux by Benaiah · · Score: 0, Offtopic

    It's not really the problem with the Linux kernel. It's all of the other applications that make up the GNU/Linux bundle.
    If only the same amount of discipline that goes into kernel changes went into all GNU applications. Secure systems aren't that hard to develop. They require proper procedures to be in place to follow while coding to avoid simple buffer overflows.